The spec defines a global security scheme EODHDQueryKey (type apiKey, in query) and applies it at the top level:
security:
- EODHDQueryKey: []
However, every endpoint also declares api_token as an explicit required query parameter. This is redundant and causes issues with OpenAPI code generators: the generated SDK functions require callers to pass api_token manually on every call, defeating the purpose of centralized auth configuration.
The global security scheme alone is sufficient to describe the authentication mechanism. Removing the per-endpoint api_token parameter would:
- Eliminate the duplication
- Allow generated clients to handle auth transparently via a single configuration point
- Better follow OpenAPI best practices for API key authentication
The spec defines a global security scheme
EODHDQueryKey(typeapiKey, inquery) and applies it at the top level:However, every endpoint also declares
api_tokenas an explicit required query parameter. This is redundant and causes issues with OpenAPI code generators: the generated SDK functions require callers to passapi_tokenmanually on every call, defeating the purpose of centralized auth configuration.The global security scheme alone is sufficient to describe the authentication mechanism. Removing the per-endpoint
api_tokenparameter would: